Interpreting DNS and NetBIOS Names

Murat Yildirimoglu

Mon, 2013-07-22 (All day)

Learn to correctly reconcile DNS and NetBIOS names

NetBIOS is a mechanism commonly found in Microsoft operating systems. This mechanism allows computers to locate and access each other over the network. In the NetBIOS mechanism, computers have at most 15-character names; these names are traditionally written in capital letters, such as MBXSRV1.

DNS isn't unique to Microsoft. The number one purpose of DNS is to convert computer names to IP addresses. For example, a query is sent to the DNS server for the www.windowsitpro.com name, and in return the DNS server responds with the IP address 67.208.46.176.

I recently encountered a problem interpreting DNS and NetBIOS names at one of my clients.

The client (let's call it customer.com) had an Exchange Server 2010 infrastructure with a Database Availability Group (DAG) consisting of two servers. In the Exchange Management Console, the active copy server reported that it couldn't communicate with the passive copy server (let's call it MBXSRV1) and declared its state as down. Event log records showed that the active server couldn't locate the other server or its Exchange services.

When I used the PING command (i.e., PING MBXSRV1) to check whether the passive server was accessible, I saw that it was accessible. However, there was something strange in the output of the PING command:

Pinging MBXSRV1 [10.0.0.78] with 32 bytes of data

Normally, the name should be the DNS name of the computer (i.e., mbxsrv1.customer.com). But instead of the DNS name, a NetBIOS name was displayed. It was clear that the response hadn't come from the DNS server.

When I checked the DNS server, there was no record corresponding to mbxsrv1. I created the necessary record, flushed the DNS client cache on the active server (ipconfig /flushdns), and refreshed the Exchange Management Console. The passive server's databases were displayed as "healthy."

It seems that Exchange Server developers use only the DNS names of servers. This isn't good; NetBIOS names should also be acceptable. But as non-developers, we can't change the logic behind the operations; instead, we must take care of the NetBIOS and DNS names.

It isn't enough to access computers using IP addresses or NetBIOS names alone. Most modern applications rely on DNS names. Therefore, we must correctly interpret these names in the output of commands.